libXfont security update

2014-11-24T00:00:00
ID ELSA-2014-1893
Type oraclelinux
Reporter Oracle
Modified 2014-11-24T00:00:00

Description

[1.2.2-1.0.6] - CVE-2014-0209: integer overflow of allocations in font metadata file parsing (bug 1163602, bug 1163601) - CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies (bug 1163602, bug 1163601) - CVE-2014-0211: integer overflows calculating memory needs for xfs replies (bug 1163602, bug 1163601)